
Debian PostgreSQL-13 Critical Buffer Overflow and DoS Issues DLA-4646-1

Debian LTS
June 24, 2026
Upgrade postgresql-13 to fix significant risks including out-of-bounds writes and code execution vulnerabilities.

Summary

CVE-2026-6473

Integer wraparound in multiple PostgreSQL server features allows an
application input provider to cause the server to undersize an allocation
and write out-of-bounds.
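As an added illustration of the bug class described above (example code written for this page, not PostgreSQL's own), the C snippet below contrasts a naive 32-bit size computation that wraps around with a checked version that refuses the request before allocating. The 1 GB cap and the function names are choices made here.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Naive sizing: the product is evaluated in 32-bit arithmetic, so a large
 * element count wraps modulo 2^32 and yields a tiny allocation. A later
 * loop that still writes nelems elements then runs off the end of it. */
uint32_t naive_alloc_size(uint32_t nelems, uint32_t elemsize)
{
    return nelems * elemsize;               /* wraps for large inputs */
}

/* Hardened sizing: compute in 64 bits and reject anything over a fixed
 * cap (1 GB - 1 chosen here) so the result can never have wrapped and
 * small follow-on additions (headers, padding) stay safe as well. */
bool checked_alloc_size(uint32_t nelems, uint32_t elemsize, size_t *out)
{
    const uint64_t limit = 0x3fffffffULL;   /* conservative upper bound */
    uint64_t wide = (uint64_t)nelems * (uint64_t)elemsize;
    if (wide > limit)
        return false;                       /* refuse instead of undersizing */
    *out = (size_t)wide;
    return true;
}

/* Allocates nelems x elemsize bytes, or returns NULL when the request
 * would have wrapped. The caller frees the result. */
void *checked_array_alloc(uint32_t nelems, uint32_t elemsize)
{
    size_t bytes;
    if (!checked_alloc_size(nelems, elemsize, &bytes))
        return NULL;
    return malloc(bytes);
}

int main(void)
{
    /* 0x40000001 * 4 = 0x100000004, which wraps to 4 in 32 bits. */
    uint32_t nelems = 0x40000001u, elemsize = 4u;
    printf("naive size: %u bytes\n", naive_alloc_size(nelems, elemsize));
    void *p = checked_array_alloc(nelems, elemsize);
    printf("checked alloc: %s\n", p ? "allocated" : "rejected");
    free(p);
    return 0;
}
```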

CVE-2026-6474

Externally-controlled format string in PostgreSQL timeofday() function
allows an attacker to retrieve portions of server memory, via crafted
timezone zones.

CVE-2026-6475

Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind
allows an origin superuser to overwrite local files that hijack the
operating system account. It will remain the case that starting the server
after these commands implicitly trusts the origin superuser, due to features
like shared_preload_libraries.

CVE-2026-6477

Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in
PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64()
functions allows the server superuser to overwrite a client stack buffer
with an arbitrarily-large response.



Severity: important

Package: postgresql-13
Version: 13.23-0+deb11u4
CVE ID: CVE-2026-6473 CVE-2026-6474 CVE-2026-6475 CVE-2026-6477
